In the Claims 




The status of claims in the case is as follows: 



1. [Currently amended] A system for a web based trust 
odel governing delivery of services and programs from a 
workflow, enterprise and mail -enabled application server and 
platform, comprising 



5 
6 



a connection protocol connecting a user client to a 
server site; 



7 
8 
9 
10 



download utilities responsive to said connection 
protocol for downloading said services and programs 
from said server site do separate and non-conflicting 
execution spaces at said\user client; and 



11 
12 
13 
14 



trust assignment user interface dialogs responsive to 
said connection protocol for\advising said user of 
risks taken when accepting executable download from 
said server site; and 



15 
16 



said server site responsive to saidXuser accepting said 
server site as trusted for centrally administering 
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\ 



security policies for said services and programs , 



1 2. [Original] Tttie system of claim 1, said connection 

2 protocol selectively being HTTP or HTTPS . 




4 
5 



3. [Original] The Wstem of claim 1, further comprising: 



a processor for establishing security context, said 
processor including\ 

a stage 1 processor for determining from said user 
if said server sitev is to be trusted; and 



6 
7 
8 
9 
10 



a stage 2 processor for establishing whether or 
not the identity of said web site is confirmed and 
determining from said useV if processing should 
continue to include installation of programs on 
said client. 



1 4. [Original] The system of claim 3, further comprising: 



a client download page; 



a download control element in said download page; 
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said processor being activated upon activation of said 
download control element within said download page 
initiating a download process first to establish a 
security context and \ then to download program 
executable files. 

[Original] The systeih of claim 2, further comprising: 

said download utilities being responsive to an SSL 
connection to said server for activating said dialog to 
advise said user that said server site has been 
verified as being what it\ represents itself to be and 
to query said user whethen code is to be downloaded 
from said server site to said client. 



6. [Original] The system of cl^im 5, said code being 
custom code . 

7. [Currently amended] The systenAof claim 5, said 
download utilities being responsive to a connection 
from said client to said server being other than SSL 
for activating said dialog to adviae said user that 
said server site has not been verified as being what it 
represents itself to be and to query waid said user 
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whether code is :o be downloaded from said server site 
to said client. 



[Original] The 4y stem °f claim 7, said code being 
custom code. 

[Original] The system of claim 1, further comprising: 

said download utilities being responsive to user 
acceptance of download from said server site of 
executable code for ^downloading said executable code to 
said client; 

a trace utility for identifying originators of 
downloaded code. 

10. [Original] The system o^f claim 9, said trace utility 
selectively identifying originators of signed agents 
through electronic signature, of custom code traceable 
to code vendor through web\site relationship, or custom 
code directly created by said web site. 



11. [Original] The system of claYm 1, further comprising: 
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a first trust model \ for establishing level of traceable 
accountability for a\ subscription at download time over 
a secure connection protocol; 

a second trust model for establishing a reduced level 
of traceable accountability, with traceable 
accountability established only for electronically 
signed agents used by said subscription over a 
connection protocol not! verified as secure; and 

said dialogs being responsive to said trust models. 

12. [Currently amended] A metlhod for governing delivery of 
services and programs from a workflow, enterprise and mail- 
enabled application server and platform according to a web 
based trust model, comprising the steps of: 

establishing a connection protocol between a client and 
a web site; \ 

responsive to said connection protocol, determining a 
trust level assignable to said web site relative to 
risks taken when accepting executable download from 
said web site; \ 
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advising a user at 
assignable with res 
and 



said client of said trust level 
ect to said risks to said web site; 



responsive to user acceptance of said risks and 
accepting said server! site as trusted , downloading said 
services and programs If rom a server site to separate 
and non-conflicting execution spaces at said user 
client and centrally aLministering security policies 
for said services and programs . 

13. [Original] The method ^>f claim 12, further comprising 
the steps of : 

displaying a download control element in a client 
download page; 

responsive to user selection of said download control 
element or upon schedule, initiating a download process 
first to establish a security context and then to 
download program executable niles from said server. 



14. [Original] The method of claim 12, further comprising 
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• 



the step of : 



3 
4 
5 



responsive to user acceptance of download from said 
server site of executable code, downloading said 
executable code to said client. 




1 
2 



15. [Original] They method of claim 14, further comprising 
the step of: 

identifying originators of downloaded code, 

16. [Original] The method \pf claim 15, further comprising 
the step of 



3 
4 
5 
6 



selectively identifying originators of signed agents 
through electronic signature, \pf custom code traceable 
to code vendor through web site\relationship, or custom 
code directly created by said web\site. 



1 17. [Currently amended] The method of cla^im 12, further 

2 comprising the sep© steps of 



3 
4 



establishing a first trust model specifying \a level of 
traceable accountability for a subscription auv download 
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5 time over a secure connection protocol; 

6 establishing a\ second trust model for specifying a 

7 reduced level of. traceable accountability, with 

8 traceable accountability established only for 

9 \ electronically signed agents used by said subscription 

^ over a connection protocol not verified as secure; and 

11 said dialogs beingi responsive to said trust models. 

1 18. [Currently amended]\ A program storage device readable 

2 by a machine, tangibly enfoodying a program of instructions 

3 executable by a machine to perform method steps for 

4 governing delivery of services and programs from a workflow, 

5 enterprise and mail -enabled\ application server and platform 

6 according to a web based trust model, said method steps 

7 comprising: \ 

8 establishing a connection protocol between a client and 

9 a web site; \ 

10 responsive to said connection protocol , determining a 

11 trust level assignable to said web site relative to 

12 risks taken when accepting executable download from 
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# 



13 said webNsite; \ 

14 advising a user at said client of said trust level 

15 assignable witri respect to said risks to said web site; 

1 6 and \ 

^USbC Y responsive to user Acceptance of said risks and 

!y Pffl accepting said serven site as trusted , downloading said 

19 services and programs Jirom a server site to separate 

20 and non-conf lictinq execution spaces at said user 

21 client and centrally administering security policies 

22 for said services and programs . 

1 19. [Currently amended] A computeA program product 

2 configured to be operable to govern delivery of services and 

3 programs from a workflow, enterprise ana mail -enabled 

4 application server and platform accordingVto a web based 

5 trust model, according to the steps of: \ 

6 establishing a connection protocol between^ a client and 

7 a web site; \ 

8 responsive to said connection protocol, determining a 

9 trust level assignable to said web site relative \p 
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10 risks taken when accepting executable download from 

11 said web site; \ 

12 advising a user aA said client of said trust level 

13 ^ assignable with respect to said risks to said web site; 

1yr " \ 

15 ^ responsive to user acceptance of said risks and 

16 accepting said server site as trusted , downloading said 

17 services and programs from a server site to separate 

18 and non-conflicting execution spaces at said user 

19 client and centrally administering security policies 

20 for said services and programs . 
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